X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/blobdiff_plain/ac169f8a164a2a9e67e0d1d9392ed7994ea1b88b..026a72d4f3e7d69c31c9523aa08554d159e21e1a:/server/cgimain.c
diff --git a/server/cgimain.c b/server/cgimain.c
index 5f83e7a..253f82e 100644
--- a/server/cgimain.c
+++ b/server/cgimain.c
@@ -17,103 +17,64 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA */ - -#include -#include "types.h" - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "client.h" -#include "sink.h" -#include "cgi.h" -#include "mem.h" -#include "log.h" -#include "configuration.h" -#include "disorder.h" -#include "api-client.h" -#include "mime.h" -#include "printf.h" -#include "dcgi.h" -#include "url.h" - -/** @brief Return true if @p a is better than @p b - * - * NB. We don't bother checking if the path is right, we merely check for the - * longest path. This isn't a security hole: if the browser wants to send us - * bad cookies it's quite capable of sending just the right path anyway. The - * point of choosing the longest path is to avoid using a cookie set by another - * CGI script which shares a path prefix with us, which would allow it to - * maliciously log users out. - * - * Such a script could still "maliciously" log someone in, if it had acquired a - * suitable cookie. But it could just log in directly if it had that, so there - * is no obvious vulnerability here either. 
+/** @file server/cgimain.c + * @brief DisOrder CGI */ -static int better_cookie(const struct cookie *a, const struct cookie *b) { - if(a->path && b->path) - /* If both have a path then the one with the longest path is best */ - return strlen(a->path) > strlen(b->path); - else if(a->path) - /* If only @p a has a path then it is better */ - return 1; - else - /* If neither have a path, or if only @p b has a path, then @p b is - * better */ - return 0; -} + +#include "disorder-cgi.h" int main(int argc, char **argv) { - const char *cookie_env, *conf; - dcgi_global g; - dcgi_state s; - cgi_sink output; - int n, best_cookie; - struct cookiedata cd; + const char *conf; - if(argc > 0) progname = argv[0]; - cgi_parse(); - if((conf = getenv("DISORDER_CONFIG"))) configfile = xstrdup(conf); - if(getenv("DISORDER_DEBUG")) debugging = 1; - if(config_read(0)) exit(EXIT_FAILURE); + if(argc > 0) + progname = argv[0]; + /* RFC 3875 s8.2 recommends rejecting PATH_INFO if we don't make use of + * it. */ + /* TODO we could make disorder/ACTION equivalent to disorder?action=ACTION */ + if(getenv("PATH_INFO")) { + /* TODO it might be nice to link back to the right place... */ + printf("Content-Type: text/html\n"); + printf("Status: 404\n"); + printf("\n"); + printf("

Sorry, PATH_INFO not supported.

\n"); + exit(0); + } + /* Parse CGI arguments */ + cgi_init(); + /* We allow various things to be overridden from the environment. This is + * intended for debugging and is not a documented feature. */ + if((conf = getenv("DISORDER_CONFIG"))) + configfile = xstrdup(conf); + if(getenv("DISORDER_DEBUG")) + debugging = 1; + /* Read configuration */ + if(config_read(0/*!server*/)) + exit(EXIT_FAILURE); + /* Figure out our URL. This can still be overridden from the config file if + * necessary but it shouldn't be necessary in ordinary installations. */ if(!config->url) config->url = infer_url(); - memset(&g, 0, sizeof g); - memset(&s, 0, sizeof s); - s.g = &g; - g.client = disorder_get_client(); - output.quote = 1; - output.sink = sink_stdio("stdout", stdout); - /* See if there's a cookie */ - cookie_env = getenv("HTTP_COOKIE"); - if(cookie_env) { - /* This will be an HTTP header */ - if(!parse_cookie(cookie_env, &cd)) { - /* Pick the best available cookie from all those offered */ - best_cookie = -1; - for(n = 0; n < cd.ncookies; ++n) { - /* Is this the right cookie? */ - if(strcmp(cd.cookies[n].name, "disorder")) - continue; - /* Is it better than anything we've seen so far? */ - if(best_cookie < 0 - || better_cookie(&cd.cookies[n], &cd.cookies[best_cookie])) - best_cookie = n; - } - if(best_cookie != -1) - login_cookie = cd.cookies[best_cookie].value; - } - } - disorder_cgi_login(&s, &output); - /* TODO RFC 3875 s8.2 recommendations e.g. concerning PATH_INFO */ - disorder_cgi(&output, &s); - if(fclose(stdout) < 0) fatal(errno, "error closing stdout"); + /* Pick up the cookie, if there is one */ + dcgi_get_cookie(); + /* Register expansions */ + mx_register_builtin(); + dcgi_expansions(); + /* Update search path. We look in the config directory first and the data + * directory second, so that the latter overrides the former. 
*/ + mx_search_path(pkgconfdir); + mx_search_path(pkgdatadir); + /* Never cache anythging */ + if(printf("Cache-Control: no-cache\n") < 0) + fatal(errno, "error writing to stdout"); + /* Create the initial connection, trying the cookie if we found a suitable + * one. */ + dcgi_login(); + /* Do whatever the user wanted */ + dcgi_action(NULL); + /* In practice if a write fails that probably means the web server went away, + * but we log it anyway. */ + if(fclose(stdout) < 0) + fatal(errno, "error closing stdout"); return 0; }
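Review bot: The `DISORDER_CONFIG` and `DISORDER_DEBUG` overrides in main() are still honoured unconditionally, and the new comment only records that they are undocumented; in a CGI the environment comes from the web server, so whoever can set variables there decides which configuration file is read. I would either build the overrides only into debug builds or state the assumption in the comment, e.g. `/* Trusts the web server's environment; do not pass DISORDER_CONFIG through from untrusted configuration. */`. Separately, the header written under "Never cache anythging" is `no-cache`, which allows storage subject to revalidation; if responses tied to a login cookie must never be stored, `Cache-Control: no-store` matches the comment better, and the PATH_INFO 404 branch exits before any cache header is sent. The longest-path cookie selection and its rationale comment are removed here in favour of `dcgi_get_cookie()`, which is not visible in this hunk, so it is worth confirming that both moved with it.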